Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/ae8c35-f9d7-437b-8996-32a4278e5bc5/1/lwhyRZO0dTF1shSBLPaJGmRfhMU.mft
File:                     lwhyRZO0dTF1shSBLPaJGmRfhMU.mft (raw, json)
Hash identifier:          VgGpAvMPyMP9127dRaZFumd1SyFtP+VWelqtrN55bSk=
Subject key identifier:   1D:B1:63:F6:32:EE:1E:E7:A6:A4:7B:58:51:E9:DA:23:79:51:77:3D
Authority key identifier: 97:08:72:45:93:B4:75:31:75:B2:14:81:2C:F6:89:1A:64:5F:84:C5
Certificate issuer:       /CN=9708724593b4753175b214812cf6891a645f84c5
Certificate serial:       0196827E3C97447806888974BE8AED7396C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lwhyRZO0dTF1shSBLPaJGmRfhMU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/ae8c35-f9d7-437b-8996-32a4278e5bc5/1/lwhyRZO0dTF1shSBLPaJGmRfhMU.mft
Manifest number:          39
Signing time:             Tue 29 Apr 2025 17:00:33 +0000
Manifest this update:     Tue 29 Apr 2025 17:00:33 +0000
Manifest next update:     Wed 30 Apr 2025 17:00:33 +0000
Files and hashes:         1: ANb8R9j2-02RgxidkX6we3ysGQE.roa (hash: PtyNaJPud8TrVLKjYWqb06NjCoREWDEBCKKVezOGEGI=)
                          2: lwhyRZO0dTF1shSBLPaJGmRfhMU.crl (hash: aXRuNb0I4Gf25RPYI1YLjZ8XUF4q3F/jYM57Ns57vh0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/ae8c35-f9d7-437b-8996-32a4278e5bc5/1/lwhyRZO0dTF1shSBLPaJGmRfhMU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/ae8c35-f9d7-437b-8996-32a4278e5bc5/1/lwhyRZO0dTF1shSBLPaJGmRfhMU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lwhyRZO0dTF1shSBLPaJGmRfhMU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 15:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:82:7e:3c:97:44:78:06:88:89:74:be:8a:ed:73:96:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9708724593b4753175b214812cf6891a645f84c5
        Validity
            Not Before: Apr 29 17:00:33 2025 GMT
            Not After : Apr 30 17:00:33 2025 GMT
        Subject: CN=1db163f632ee1ee7a6a47b5851e9da237951773d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:f1:c0:e1:32:cc:de:ad:07:5c:86:00:4b:1f:
                    8e:c1:2f:50:12:f5:73:17:dc:a9:61:6b:7b:b2:1d:
                    25:80:4e:b4:c1:e9:96:1e:d2:05:4e:d5:f6:4d:a6:
                    e4:88:22:32:4b:be:bf:09:20:38:95:06:b3:a7:8e:
                    db:26:d8:6f:52:6b:51:e4:61:78:9f:23:ce:91:2e:
                    b2:f1:45:d7:90:e7:d1:4c:a3:fb:9e:24:c5:0f:a8:
                    e0:9b:00:5e:43:ea:88:58:f6:f3:88:45:07:ae:2c:
                    c7:7f:39:5c:49:6e:c5:49:c8:14:d0:f0:5c:59:4d:
                    88:b0:3c:96:15:36:ea:1a:2c:08:3b:91:a0:8b:03:
                    e5:e2:8c:c8:49:a8:17:ae:39:21:d6:2f:76:e6:a7:
                    9c:27:76:df:99:5f:5f:7a:d6:19:e7:6a:ff:3a:67:
                    c5:d9:32:72:40:54:66:18:b9:22:30:e6:9b:ed:c2:
                    0d:6a:2e:ed:8a:79:74:4c:1e:55:17:78:fd:b8:f3:
                    dc:e3:bd:d3:b0:2a:f6:45:68:81:65:56:fd:90:2d:
                    09:41:a8:97:45:17:ce:59:e9:86:c3:f6:91:5d:9f:
                    fd:1a:c2:05:c0:36:70:bf:f7:42:76:f8:e6:dd:64:
                    48:e6:c3:58:a8:4f:48:d1:34:f6:18:fd:35:ab:db:
                    1d:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:B1:63:F6:32:EE:1E:E7:A6:A4:7B:58:51:E9:DA:23:79:51:77:3D
            X509v3 Authority Key Identifier:
                keyid:97:08:72:45:93:B4:75:31:75:B2:14:81:2C:F6:89:1A:64:5F:84:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lwhyRZO0dTF1shSBLPaJGmRfhMU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ae8c35-f9d7-437b-8996-32a4278e5bc5/1/lwhyRZO0dTF1shSBLPaJGmRfhMU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ae8c35-f9d7-437b-8996-32a4278e5bc5/1/lwhyRZO0dTF1shSBLPaJGmRfhMU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:0d:e5:62:ce:cd:a0:b9:a0:77:a5:26:50:2d:fb:65:2a:05:
         c6:e8:92:90:ff:12:2f:7c:18:c5:fd:21:0f:93:fa:ac:c1:02:
         7a:6b:2e:d4:38:49:e0:0c:3b:93:9f:25:aa:74:a7:23:75:81:
         5f:ea:1c:40:a4:be:c7:be:95:62:6e:f3:b5:4b:dc:06:de:03:
         a0:59:f5:c5:8e:a4:38:e8:89:e5:95:48:6a:b6:79:53:79:cc:
         dd:7e:79:a2:9d:4a:8f:c1:de:9f:1a:ca:08:0f:de:2a:73:13:
         50:eb:be:a4:e7:43:7e:a8:9a:c4:10:24:b4:c5:2b:38:d3:f2:
         bc:8b:ac:85:19:69:41:5b:7a:33:4a:07:54:b6:b0:9c:e3:32:
         48:5a:81:44:63:ea:0e:ae:b4:1c:ad:bf:81:08:8c:54:41:4b:
         fc:94:98:9f:14:2a:ba:c3:2f:57:4f:a1:1a:c0:24:ff:fe:9d:
         33:e0:e1:bd:33:96:8e:4b:51:ea:7f:90:e1:df:c7:c7:4f:72:
         e2:af:ec:4c:ef:04:22:e5:84:7d:e2:ab:03:1a:0d:e1:62:42:
         3b:2f:97:06:49:6f:cc:5b:9e:e2:1b:72:30:c0:8d:41:92:be:
         5a:a7:c4:98:66:c7:1b:c3:de:39:31:37:0e:86:5a:3c:d8:fb:
         b7:5b:22:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaCfjyXRHgGiIl0vortc5bCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MDg3MjQ1OTNiNDc1MzE3NWIyMTQ4MTJjZjY4OTFhNjQ1
Zjg0YzUwHhcNMjUwNDI5MTcwMDMzWhcNMjUwNDMwMTcwMDMzWjAzMTEwLwYDVQQD
EygxZGIxNjNmNjMyZWUxZWU3YTZhNDdiNTg1MWU5ZGEyMzc5NTE3NzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPHA4TLM3q0HXIYASx+OwS9QEvVz
F9ypYWt7sh0lgE60wemWHtIFTtX2TabkiCIyS76/CSA4lQazp47bJthvUmtR5GF4
nyPOkS6y8UXXkOfRTKP7niTFD6jgmwBeQ+qIWPbziEUHrizHfzlcSW7FScgU0PBc
WU2IsDyWFTbqGiwIO5GgiwPl4ozISagXrjkh1i925qecJ3bfmV9fetYZ52r/OmfF
2TJyQFRmGLkiMOab7cINai7tinl0TB5VF3j9uPPc473TsCr2RWiBZVb9kC0JQaiX
RRfOWemGw/aRXZ/9GsIFwDZwv/dCdvjm3WRI5sNYqE9I0TT2GP01q9sdtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB2xY/Yy7h7npqR7WFHp2iN5UXc9MB8GA1UdIwQY
MBaAFJcIckWTtHUxdbIUgSz2iRpkX4TFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHdoeVJaTzBkVEYxc2hTQkxQYUpHbVJmaE1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9hZThjMzUtZjlkNy00MzdiLTg5OTYt
MzJhNDI3OGU1YmM1LzEvbHdoeVJaTzBkVEYxc2hTQkxQYUpHbVJmaE1VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9hZThjMzUtZjlkNy00MzdiLTg5OTYtMzJhNDI3OGU1YmM1
LzEvbHdoeVJaTzBkVEYxc2hTQkxQYUpHbVJmaE1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOw3lYs7N
oLmgd6UmUC37ZSoFxuiSkP8SL3wYxf0hD5P6rMECemsu1DhJ4Aw7k58lqnSnI3WB
X+ocQKS+x76VYm7ztUvcBt4DoFn1xY6kOOiJ5ZVIarZ5U3nM3X55op1Kj8HenxrK
CA/eKnMTUOu+pOdDfqiaxBAktMUrONPyvIushRlpQVt6M0oHVLawnOMySFqBRGPq
Dq60HK2/gQiMVEFL/JSYnxQqusMvV0+hGsAk//6dM+DhvTOWjktR6n+Q4d/Hx09y
4q/sTO8EIuWEfeKrAxoN4WJCOy+XBklvzFue4htyMMCNQZK+WqfEmGbHG8PeOTE3
DoZaPNj7t1si1Q==
-----END CERTIFICATE-----
Generated at Tue Apr 29 19:55:15 2025 by rpki-client